Post navigation

In February 2015 the public discovered that Lenovo released new Lenovo laptops with Microsoft Windows came preinstalled with “Superfish” which allowed, among other things, spying on user’s web connections even if those connections were encrypted. The software responsible for this is “Superfish”. You can read more about Lenovo/Superfish on Ars Technica and Wikipedia. Lenovo claims laptops shipped between October and December 2014 have Superfish preinstalled and Lenovo claims they won’t resume shipping Superfish. But why trust them?

The Free Software Foundation (FSF) calls on Lenovo “to create and sell laptops that are certified to respect user freedom and come with a preinstalled free operating system“. The FSF also points out the difference between proprietary security exploitation (such as what was done with Superfish) and free software privacy mistakes (such as what happened with Heartbleed and POODLE):

Recent high-profile security vulnerabilities in free software, like Heartbleed and POODLE, were created when well-intentioned developers made mistakes that were difficult to detect. But this is different — Lenovo and Superfish caused a massive security breach for the sake of expedience in generating ad revenue.

Digital Citizen agrees with this call. Lenovo can set a trend for respecting user freedom by working with the FSF and the FSF’s Respects Your Freedom campaign to produce laptops that users can buy which respect the user’s freedom right out of the box.

Update (2015-02-22): Ars Technica publishes an article saying that there are now 14 known programs using the same code that renders users helpless against secure website spying. And the article also reminds us that “Superfish CEO Adi Pinhas issued a statement on Friday saying Superfish software posed no security risk“. It’s worth keeping this in mind the next time you hear any proprietor tell you their software is secure. Free software offers no guarantee of security but software freedom lets you inspect the program to make sure it does only what you want it to do, alter the program until it meets your needs, and distribute the program to help others. Proprietary programs are an unknown quantity—you can’t tell all of what they do because you have no complete corresponding source code, you have no distribution rights so you can’t help others or get much help from them, and some proprietary programs even restrict when they may be run.

Most people interact with free software every day, but many of those people don’t know what free software is or why they should go out of their way to use it. The Free Software Foundation (FSF) wants to fix that (and I think you want to fix this too), so the FSF commissioned a short video that makes free software easy for everyone to understand:

There are a few small “easter eggs,” both intentional and unintentional, in the “User Liberation” video we just released. One that drew some comments is the desktop screenshot flashing by near the video’s end.

Is that…a Skype icon? Is that…Flash? Is that…nVidia? IN AN FSF VIDEO?

After this was brought to my attention, I first thought it was fine to include the icons, because of the overall framing. The narrator in that section of the video says, “We’ve still got work to do.” None of the context promotes or recommends use of those programs, and since the icons flashed by in a second, I didn’t think we were increasing their recognizability or notoriety. Everything about the video problematizes proprietary software and advocates user freedom. The only application the character is directly using is free software. The other icons seemed merely part of a realistic scenery, and as we all know, the scenery of our digital lives contains much ugliness.

Microsoft recently announced that they were releasing their .NET software under the MIT license; ostensibly making Microsoft’s .NET implementation Free Software. Microsoft also published a patent promise telling each user Microsoft won’t “assert any .NET Patents against you for making, using, selling, offering for sale, importing, or distributing” covered .NET code. Mono, a .NET implementation, has incorporated Microsoft’s previous code contributions and plans to do more of this.

Mono developer Miguel de Icaza mentioned “Open Source” 9 times in his blog post, each time endorsing the open source movement and Microsoft’s actions.

But Microsoft’s software has a patent trap within: Microsoft is not clearly granting each user an irrevocable patent license for all of its patents that Mono actually exercises.

Was it ever wise to include Microsoft’s code?
Is it wise to do this now?
Is it wise to build dependencies on C#, a language that depends on a .NET implementation?
Is it wise to build dependencies on anything else involving .NET?

It’s worth looking at history to see what traps Microsoft has set and determine if those problems still exist.

In 2009 the FSF advised against writing software in C# and pointed to a practical alternative to C# while making it clear that the problem lies not with C# or .NET implementations but with taking great risks believing Microsoft’s patents won’t be used to sue users into losing the very freedoms they ostensibly gained. Here’s how the trap would work: Neither Microsoft’s Patent Promise nor Microsoft’s chosen license grant you an irrevocable patent license. Microsoft has promised to not sue you. A promise not to sue and an irrevocable patent license are not the same thing because the circumstances that make Microsoft’s promise true today can change tomorrow rendering the promise obsolete. The same is not true of an irrevocable patent license. As the FSF pointed out in 2009:

The Community Promise does not give you any rights to exercise the patented claims. It only says that Microsoft will not sue you over claims in patents that it owns or controls. If Microsoft sells one of those patents, there’s nothing stopping the buyer from suing everyone who uses the software.

The FSF’s 2009 essay cites quotes to clearly show how Microsoft has the intention to be a patent aggressor targeting Free Software users. It should be obvious that Microsoft has the means to litigate.

Computer users beware: Avoid .NET dependencies (including C# and .NET applications) and don’t get other users into a patent trap. As FSF Executive Director John Sullivan wrote in 2009 it’s not bad to have free .NET implementations but we should not depend on them because they carry unnecessary patent infringement risk:

We should systematically arrange to depend on the free C# implementations as little as possible. In other words, we should discourage people from writing programs in C#. Therefore, we should not include C# implementations in the default installation of GNU/Linux distributions or in their principal ways of installing GNOME, and we should distribute and recommend non-C# applications rather than comparable C# applications whenever possible.

I can’t help but notice how “open source” is all over the announcement and supporters’ blog posts encouraging you to take Microsoft’s patent bait. I don’t see one open source proponent warn you about any potential patent problems. And I notice that the Free Software Foundation offers sage warnings about patent ownership, about how ownership changes render patent promises moot, and I see that the FSF gives us practical solutions to avoid Microsoft’s patent trap. This is no accident. It’s part of how Free Software and Open Source differ and how those philosophical differences sometimes lead to radical differences on the ground.

The Free Software movement is a social movement known for looking out for every computer user’s software freedoms to run, share, and modify published computer software. Open Source is a younger business-friendly developmental methodology designed to never raise software freedom as an issue so your loss of those freedoms never comes to mind (read source 1 and source 2 for more information on this).

“you’re only protected if you’re distributing the code “as part of either a .NET Runtime or as part of any application designed to run on a .NET Runtime“. So if you add any of the code to another project, then you lose protection and MS reserves the right to sue you or ask for royalties” (source)

“the protection only applies to a “compliant implementation” of .NET. So if you want to remove some parts and make a streamlined framework for embedded devices, then your implementation won’t be compliant and the protection doesn’t apply to you.” (source)

So even if ESP is correct and a promise not to sue is as good as a license, Microsoft’s patent promise has enough problems with it that you’re still left with the same result: you’re better off not building dependencies on .NET. Don’t follow the aforementioned “open source” promotions.

Today I came across a report in Trisquel GNU/Linux’s issue tracker describing a new bug in Mozilla Firefox which, Trisquel developer Rubén Rodríguez Pérez says “allows Mozilla to install any binary into the browser, through a dedicated system of updates”.

This situation is a clear indication of how Free Software underscores one’s security and how nonfree (or proprietary) software undermines one’s security.

Background

Trisquel is a fully-free GNU/Linux operating system. The software in this system is entirely free for users to run, share, and modify at any time for any reason. Mozilla Firefox is a web browser developed by the Mozilla organization, a proponent of the Open Source development methodology which distributes Firefox as Free Software. The Free Software Foundation is a non-profit organization dedicated to informing computer users about software freedom (the freedom to use, study, copy, modify, and redistribute computer programs).

One week after the International Day Against DRM, Mozilla announced a partnership with proprietary software company Adobe to implement support for Web-based Digital Restrictions Management (DRM) in its Firefox browser. Mozilla changed Firefox so Firefox would prompt the user to install a proprietary program to decode a certain kind of video, the kind of video some video distributors such as Netflix, wish to use. Firefox will do this by looking at a list of repositories from which Firefox can download the program, download a program to do this job, and then run the program from the user’s system.

Firefox’s current implementation

We now know that this alleged “feature” is implemented in such a way that it could allow Mozilla to get the user to run any program Mozilla wants to publish (as Pérez describes). This is troubling because if the repository ever comes under the control of someone untrustworthy, the repository could be used as a distribution point for malware.

But couldn’t any browser do the same? Why is Firefox uniquely worthy of mention here?

Any browser could implement the same mechanism in the same way (and for all we know other nonfree browsers already do this). But since Firefox is Free Software users have the freedom to:

modify the browser to not load the externally-provided binaries in the first place thus avoiding the entire issue,

distribute the improved freedom-respecting variant to others to help one’s community avoid the nonfree software,

run the improved browser whenever they want and make it a part of a wholly Free Software operating system as Trisquel is doing. The power of a better example is compelling.

These freedoms allow programmers to deliver derivatives of Firefox such as “Abrowser” which respect a user’s software freedom by effectively disabling the malware-loading code and changing the browser so it won’t introduce users to nonfree add-ons by default.

Fortunately Firefox is not the only Free Software browser out there and users of other Free Software browsers have the same freedoms. Users of nonfree browsers don’t have these freedoms and are thus at the mercy of whatever the browser developers want to allow (and whatever the programs those browsers install allow).

So the big deal is freedom of choice, right?

No. Software freedom is not freedom of choice because freedom of choice is easily turned against the user. Imagine if all the browsers a user had to choose from were nonfree. That user would have to choose amongst a variety of browsers where none of the choices were safe from this malware distribution mechanism. If a user didn’t want malware they’d have no freedom to prevent malware from being distributed to them, posing as a program purporting to offer some benefit, and running that malware without having any opportunity to vet the software or reject it.

But I’m not a programmer! I can’t vet any software. Whether the browser is Free Software or not doesn’t matter to me, right?

Software freedom should matter to all computer users because we all need to make sure our computers are safe for us to use. There’s too much Free Software out there to vet all of it ourselves, we have to rely on someone to do some vetting for us. But if we don’t support software freedom for its own sake we can’t trust anyone to review software with our interests in mind. This leaves us at the mercy of those who will do us harm by getting our computers to run malware.

We can’t know what other problems await iTunes users because iTunes was and is nonfree software. Users aren’t allowed to inspect, share, or modify the program. So even if users find another problem with iTunes they can’t legally prepare and distribute an improved version of iTunes that doesn’t have the flaw. The same problem applies to all nonfree programs.

What can Mozilla do instead?

Mozilla can’t and shouldn’t control which websites one visits. But Mozilla can control what Firefox presents to the user as a reasonable addition to enable some desired functionality. And this situation gives Mozilla an opportunity to educate users about the problems with DRM and the tough choice they face in delivering a browser that respects user’s software freedom even when those freedoms mean doing without Netflix. Mozilla should not make it easier for users to run nonfree software.

I don’t agree with any form of DRM (Digital Restrictions Management) being “justifiable” for some forms of media but not audio (presumably because consumers have been acclimated to DRM-freedom for audio). A series of technocratic explanations won’t justify rejecting Apple’s latest attempt to subject more individuals to DRM, only ethical examinations will provide the lasting and consistent critique called for here. Marco Arment’s rationale suggests he is not analyzing this situation from the most important perspective—a user’s software freedom and a user’s freedom to replay the recording at any time, in any location, and completely in privacy if desired. “Piracy” and “theft” are rightly identified as “smear words” as a US judge presiding over a trial for copyright infringement said. Unauthorized copying is no justification for treating users as DRM treats them.

Arment’s technocratic arguments all fail to dissuade anyone who buys his setup from accepting Apple’s upcoming format because it’s so easy for Apple to supply software to overcome any technological barrier so long as one accepts Apple’s software. Arguing from the perspective of what’s good for “the industry”, or guessing about Jobs’s personal motivations that he “also truly disliked DRM, as a tasteful consumer, technologist, and human being, and wanted to abolish as much of it as he could” doesn’t jibe with the long list of restriction-riddled products and services Jobs championed, but more important these arguments won’t convince people to defend their interests in respecting their rights with media.

I suspect Arment’s article comes from the “open source” perspective; a movement which accepts software proprietors because that movement was designed to favor business interests over user’s interests. Free Software activists reject DRM in any form for any work for consistent and sound reasons grounded in ethics and pitched to all computer users; the Free Software movement is a social movement which says that all computer users deserve the freedoms to run, inspect, share, and modify computer software for any reason. Treating users otherwise is not respecting fundamental rights all computer users need to live in a good life in a community of goodwill, cooperation, and collaboration. Open Source advocates, by contrast, accept whatever businesses want to pursue because that’s the entire rationale behind the Open Source movement—start with Free Software, throw away the software freedom and any ethical argument tied to respecting a user’s software freedom, and pitch the rest primarily to business as a development methodology encouraging business leaders to accept the work of programmers under amenable licensing terms such as what the Free Software movement identifies as non-copyleft Free Software licenses. These licenses grant users the freedoms of free software but allow for nonfree derivative programs that deny users software freedom. After all, if “People care about music and convenience, period.” these individuals don’t care about their own freedom to experience the media they’ve obtained whenever and wherever they wish, reselling it if desired, and enjoying the media without being spied upon, right? Such individuals are “consumer“—individuals who are never to be thought of as someone possessing rights like a citizen but instead to be thought of as erroneously using up information. This means there’s no good reason for any consumer to reject Apple’s upcoming audio format. If Arment were more interested in user’s freedoms he would point out to readers how that view serves business interests looking to take away citizen’s rights via DRM. See Defective by Design and Richard Stallman’s personal website for more information; both are replete with examples of how people lose rights with DRM they had with non-DRMed media. The ethical underpinnings of these arguments are far more compelling than any business interest or convenience-based explanation. Some users rights aren’t more important than other user’s rights, we need to fight for everyone’s software freedom and rights to not be subjected to DRM.

Why would a business push again for DRM in audio? Because from their perspective they see a lot of opportunity:

people accepting the aforementioned divide-and-conquer argument behind some media being “justifiable” for DRM (as Arment claims). In this greedy framing of the debate, it’s okay that some media (videos, ebooks) exploit citizens and other media have yet to be fought for hard enough. When this issue is framed according to what’s in a user’s best interest, all DRM is unethical. Under DRM we lose rights we had with traditional forms of media (including right of resale and control over our own computers via installing nonfree software). Therefore nobody should purchase from DRM’d media sources and nobody should encourage others to take on DRM’d works.

A couple of issues have come up recently highlighting the difference between the younger Open Source movement and the older Free Software movement which help properly frame the issues and provide some historical context.

Free Software is a social movement that started when Richard Stallman began the GNU Project in 1984. This movement wants all computer users to be free to run, inspect, share, and modify all published computer software (including for commercial software uses). Open Source is a developmental methodology that started in 1998 as a reaction to the Free Software movement. This movements proponents omit any mention of software freedom in their pitch to software developers promising more robust and reliable programs when one develops a program using this development methodology.

[P]eople from the free software movement and the open source camp often work together on practical projects such as software development. It is remarkable that such different philosophical views can so often motivate different people to participate in the same projects. Nonetheless, there are situations where these fundamentally different views lead to very different actions.

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users’ freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, “I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?” This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, “Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement.” If we value our freedom, we can act to maintain and defend it.

The Open Source proponent’s reaction to this is general acceptance: be it reluctant or otherwise qualified acceptance, the additional software will be welcomed regardless of what effect it has on the user’s ability to ensure their computer only does what the user wants it to do. As the FSF points out, Mozilla makes this change favoring popularity over software freedom for Firefox users despite that Mozilla “have produced no evidence to substantiate this fear or made any effort to study the situation”.

The Free Software advocate’s reaction to this is rejection: any proprietary software means a reduction in software freedom which invariably lead to a number of problems as those in control of the proprietary software have their way with the user’s computer. In light of the strong ethically-backed rationale Free Software advocates provide and in light of the Snowden revelations, one realizes that democracy depends on privacy and privacy on a computer is impossible without software freedom.

An operating system kernel is a program that makes it possible for multiple programs to share a computer’s resources. The Linux kernel does this job and has become remarkably popular. But Linus Torvalds, the first developer of the Linux kernel, doesn’t think software freedom is worthwhile. Initially he released Linux under a license that forbade commercial use which made Linux nonfree software. Then later he changed the license to the GNU General Public License version 2, making Linux free software. The Linux kernel Torvalds distributes includes nonfree software in the form of “binary blobs”—code intended to allow the Linux kernal to work with certain computer hardware while not revealing how this interoperation truly works.

The Open Source proponent’s reaction to binary blobs usually comes down to convenience: it’s more convenient to run an operating system based on the Linux kernel (such as a GNU/Linux operating system) where all parts of the user’s extant computer system are fully operable, than to have to get different hardware or do without some functionality hardware provides because the only software that works to talk to that hardware is nonfree. Convenience leads to popularity and popularity is critical for an Open Source proponent.

The Free Software advocate’s reaction to binary blobs is to excise them. A group of kernel programmers build Linux-libre, a fork of the Linux kernel which purposefully excludes the nonfree blobs. Any less-functional or non-functional hardware is considered an opportunity; a call for reverse-engineering in order to figure out how the hardware really works, document that behavior, and implement free software to fill that gap.

By 2005 Linux kernel programmers had been using a nonfree program called “BitKeeper” to keep track of their programming work on Linux. BitKeeper was available at no charge to some Linux programmers because Larry McVoy, a Linux kernel developer and the head of BitMover, Inc. which makes BitKeeper, wanted to entice Linux programmers to become dependent on BitKeeper. Some Linux developers, such as longtime Linux developer Alan Cox, objected to allowing a proprietary developer to control how they worked with a free program and didn’t use BitKeeper to track their work. In 2005 Andrew “Tridge” Tridgell released software that allowed anyone to get code revision metadata from a BitKeeper server without using the BitKeeper program to do this job. Tridge’s work angered Torvalds and Tridge’s work was the principal cause for McVoy to rescind gratis licenses to the Linux developers. Ultimately Torvalds went on to develop “git”, a free software source code revision tracking system, used by many projects including Linux.

Torvalds’ anger is a typical Open Source proponent reaction to Tridge’s work; Torvalds said Tridgell “screwed people over” and he “tore down something new (and impressive) because he could”, and “He didn’t write a ‘better SCM [source code management tool] than BK [Bitkeeper]’. He didn’t even try – it wasn’t his goal. He just wanted to see what the protocols and data was, without actually producing any replacement for the (inevitable) problems he caused and knew about.”. From the perspective of someone who doesn’t value software freedom, Tridge’s actions are not valuable in themselves only in how they led to McVoy’s reaction to deny Linux developers gratis copies of a practical means to an end. Assigning responsibility to McVoy for McVoy’s choices (both in trying to make free software hackers dependent upon nonfree software and in later rescinding gratis licenses to BitKeeper) is simply not a viable explanation for Open Source proponents. That would call for recognizing (even implicitly) the damage of nonfree software and the proof of that damage when the gratis licenses were rescinded.

I’ve watched a lot of conference videos on a lot of topics. Few lectures are recorded well and it doesn’t take much to greatly improve most recordings I’ve seen. Here are some tips for improving recordings of lectures.

Speakers

If you’re speaking, here are some tips for you.

Know where the microphone is and which direction it is aiming because a lot of mics are very directional; turning your head away from the mic greatly reduces the microphone’s ability to accurately pick up your speech. You go from being heard to sounding like you’re mumbling from another room.

Either wear a mic attached to your head that turns with you (such as an ear clip or head piece) or practice holding a portable microphone in front of your mouth even when you turn your head by turning your chest with your head. If the mic is stationary, practice pivoting around the head of the mic so you’re always speaking into the mic even when you’re not facing the same direction as the mic. This should allow you to look at the person to whom you are speaking while still being recorded by the mic.

Don’t gesticulate between the projector and the screen. Anyone standing in between the projector and screen gets in the way of the projection by casting a shadow on the screen. If the recording captures what’s projected instead of the feed coming from the your computer, your audience can’t read your slides. If the recording captures the video feed instead of the projection, those viewing the recording won’t see what you’re doing in front of the projection. Either way, your gesticulation means something you deem important enough to do is lost on some of your audience.

Instead use your computer to highlight something on the screen as you talk. Use the computer to highlight something (via drag-and-drop or selecting interesting words and paragraphs). Structure your slides to focus on one point at a time. This approach will let you simultaneously draw the audience’s attention to something on-screen while speaking aloud to elaborate a point.

Enunciate your words, don’t mumble. Your audience chose to hear and see you, you should be heard and understood clearly.

Practice speaking slowly in front of people unfamiliar with your talk. Ask them if they could understand what you said. You are more familiar with your name than anyone you’re speaking to so don’t rush through speaking your name.

Don’t poll the audience (“How many people here have used the BarFoo system?”, “Anyone already familiar with the Foobar programming language?”, “Who has visited my website?”). You should speak to an audience outside the room (ideally audiences you will never meet watching your recording later, including audiences seeing/hearing you after you’re dead). It’s too late to change your talk to suit a different audience. Clear thinking and clear explanations contain summaries of situations that convey how you understand the situation you’re about to elaborate upon.

If you need to speak to a particular audience instead of a general audience, make sure the lecture description contains expected prerequisites.

Are you taking questions from the audience? Repeat each question before you answer each question so the recording (the most important audience) understands the context of your response and everyone listening to you understands what you got out of the question.

Consider not using slides because they distract the audience away from what you’re saying and because you probably have too many slides which are hard to read or contain too much information for anyone to remember.

Event organizers

If you’re organizing a set of lectures or recording someone speaking, here are some tips for you.

Convey details clearly and completely in your invitation by laying down clear ground rules for your event when you invite speakers. Tell speakers in advance what they can expect from the audience (who is likely to attend, what reception are speakers likely to get). Anyone who doesn’t like what you’re describing can decline your invitation.

Tell speakers:

that their lecture and any subsequent question/comment period will be recorded and/or distributed live online in whatever format(s) you pick.

the specific license under which all recordings of the event will be distributed. Don’t be vague by saying recordings will be distributed under “A Creative Commons license” (which one?) or by saying the recordings will be “Freely available” (which freedoms will you convey to recipients? Or do you mean available at no charge?). Name a specific license such as “The Creative Commons By-No Derivatives 4.0 license” and provide a clear reference for the license such as a valid link to the complete license text.

that you expect all speakers at your event to highlight some idea or favor something in their talks. If I were organizing a series of lectures about Free Software, I’d expect each lecture at the series to focus on and favor software freedom for its own sake and not “Open Source” or proprietary software, nor would I want speakers to fail to distinguish between the GNU operating system and the Linux kernel, no matter how inconvenient expressed opinions might be to business sponsors.

It is better to record the speaker and only record the speaker well than to record everything in the room poorly. Do not be shy about recording speakers! Place your camera in the front row and get a feed from the in-house audio system used by the speaker. Condenser mics in located far from the speaker (such as those attached to a camera at the rear of the room) do a poor job of recording the speaker. The speaker’s talk is the primary attraction, so if you are organizing an event give the speaker a mic attached to their head (so the mic turns with their head) or a mic they can hold as they turn and have backup equipment ready should the speaker’s mic fail.

Don’t interrupt the speaker(s) for administration details during their talk. In recordings of the 2014 DEF CON talks I noticed that convention administrators interrupted the speaker’s talk to give first-time speakers drinks and a speech announcing the interruption. I found this annoying to do at all; the interruption meant waiting for off-mic administrators to finish, and the interruption broke my concentration when I was focusing on the talk (the reason I spent time with the recording). Instead I think administrators should engage with speakers after the talk, or between the talk and Q&A, or after the Q&A has finished.

Moine and responses mention how non-free software running in devices (i.e., non-free firmware) are used to make certain hardware work with Fedora GNU/Linux. Fedora GNU/Linux users end up running this software because the Fedora project favors making sure their system uses the hardware available—convenience—instead of using the opportunity to educate the user about software freedom. Catering to convenience over freedom is a hallmark of the open source movement as the older essay describes in fear of freedom:

The main argument for the term “open source software” is that “free software” makes some people uneasy. That’s true: talking about freedom, about ethical issues, about responsibilities as well as convenience, is asking people to think about things they might rather ignore. This can trigger discomfort, and some people may reject the idea for that. It does not follow that society would be better off if we stop talking about these things.

Years ago, free software developers noticed this discomfort reaction, and some started exploring an approach for avoiding it. They figured that by keeping quiet about ethics and freedom, and talking only about the immediate practical benefits of certain free software, they might be able to “sell” the software more effectively to certain users, especially business. The term “open source” is offered as a way of doing more of this—a way to be “more acceptable to business.” The views and values of the Open Source movement stem from this decision.

This approach has proved effective, in its own terms. Today many people are switching to free software for purely practical reasons. That is good, as far as it goes, but that isn’t all we need to do! Attracting users to free software is not the whole job, just the first step.

Sooner or later these users will be invited to switch back to proprietary software for some practical advantage. Countless companies seek to offer such temptation, and why would users decline? Only if they have learned to value the freedom free software gives them, for its own sake. It is up to us to spread this idea—and in order to do that, we have to talk about freedom. A certain amount of the “keep quiet” approach to business can be useful for the community, but we must have plenty of freedom talk too.

The idea of open source is that allowing users to change and redistribute the software will make it more powerful and reliable. But this is not guaranteed. Developers of proprietary software are not necessarily incompetent. Sometimes they produce a program that is powerful and reliable, even though it does not respect the users’ freedom. Free software activists and open source enthusiasts will react very differently to that.

A pure open source enthusiast, one that is not at all influenced by the ideals of free software, will say, “I am surprised you were able to make the program work so well without using our development model, but you did. How can I get a copy?” This attitude will reward schemes that take away our freedom, leading to its loss.

The free software activist will say, “Your program is very attractive, but I value my freedom more. So I reject your program. Instead I will support a project to develop a free replacement.” If we value our freedom, we can act to maintain and defend it.

Moine and some respondants distinguish between running software on one’s “main CPU” and other processors in a modern computer system. The distinction isn’t made to highlight security problems (as the FSF did when developers of a fully free/libre version of Android found and closed a huge security hole in Samsung Galaxy devices) or to highlight how you deserve software freedom for all of the computers in your system. Instead, open source advocates say this as because they think it justifies Fedora distributing non-free firmware to users; somehow running non-free software on one’s “main CPU” is ethically objectionable but running non-free software on some other computer hardware is okay. This distinction is meaningless from the perspective of software freedom—users deserve software freedom on all of their computing devices. This might mean making inconvenient decisions like choosing different computing hardware or not fully exploiting the capabilities of one’s computer until free software exists.

Kevin Kofler, a respondant on Moine’s blog, says one of the Fedora project’s goals is to move “hardcoded blobs to use the dynamic firmware loader instead, so they can be moved to linux-firmware”. This is merely moving the non-free firmware from one bundle of software to another. When the move is complete the Fedora project will still distribute the non-free firmware package alongside their other packages, thus endorsing the non-free software. This change doesn’t address the issue of software freedom at all because this change was not meant to give Fedora GNU/Linux users software freedom. Relocating the package where the non-free firmware comes from is a minor bookkeeping detail. A default Fedora GNU/Linux install will either install the non-free firmware package or steer the user toward a Fedora project repository where the non-free firmware package can be downloaded. From the perspective of a user’s software freedom, the Fedora project’s effort to relocate the non-free firmware is doing a good job of reaching a bad goal rather than encouraging users to favor hardware they can operate in freedom, or to write and publish free firmware to operate the hardware that doesn’t work in freedom. For the free software movement, non-free software is a social problem to be fixed by increasing a user’s software freedom. For the Fedora project non-free firmware is acceptable non-free software to remedy an inconvenience even if that means making users become dependent upon the proprietor. By contrast, it’s a good bet that the Linux-libre project‘s work (to distribute a Free Linux kernel) became a part of the GNU Project because Linux-libre makes these choices in a way which make software freedom a priority—Linux Libre comes with only Free Software.

Kofler also maintains that hardware which moves firmware into ROM makes the firmware proprietary (“Firmware in a ROM is proprietary forever.”). This misunderstanding highlights how the user’s freedom is not taken to heart: non-free firmware is software only the firmware proprietor can alter. By contrast, code in ROM is code nobody can alter. Neither of these situations are particularly desirable because the user might want to understand and alter this code, so free firmware is the best option. But code in ROM is different from non-free firmware: code in ROM means the user and the manufacturer are equally unable to alter the code. No software update will change the ROM. By contrast, a proprietor could issue a new proprietary firmware file. If a user’s system loads that new firmware file into the hardware, the hardware’s behavior changes and that user’s software freedom is denied. A proprietor’s promise of someday freeing the firmware doesn’t change the reality on the ground—non-free firmware is non-free software which keeps users subordinate to the proprietor. Kofler also later maintains that “Burning something into a ROM does not magically make it “hardware”.”. When one looks at this situation from the perspective of gaining software freedom rather than prioritizing convenience at the cost of freedom, hardware with code in ROM is unmodifiable.

Kofler asks “Imagine Apple making a ROM iPhone, maybe so they can sell you a new phone each time they upgrade iOS, would that make it a Free smartphone???”. Such a change could give those users a less moving target with which to focus their efforts when trying to get iThings to run Free Software. Thus, an iThing with code only in ROM chips would provide a Free Software developer a chance to develop something once and be sure their software wouldn’t be rendered obsolete due to Apple changing how that iThing worked.

As it stands, Apple is already selling many of their iThings based on changes to iOS which they don’t backport to older Apple hardware. But the issue of one’s liberties for cell phones carries challenges beyond software freedom for computers. Cell phones rely on cell phone towers which track one’s location. A cell phone’s usefulness is greatly diminished when one has no cell phone tower access. Richard Stallman, founder of the GNU Project, discusses this at some length in his talk on “A Free Digital Society”.

Kofler claims “Or what if Unix had been in a ROM? Then GNU as it was at its beginning wouldn’t even have been possible!”. This is a side issue at best, but I doubt any of the salient points of GNU’s beginning would be significantly different. GNU began as a project to bring a free Unix-compatible OS into existence (Stallman wished to “put together a sufficient body of free software so that I will be able to get along without any software that is not free”). The Unix system Richard Stallman used at MIT’s Artificial Intelligence Lab was proprietary. A laser printer software issue highlighted how frustrating and unjust it was to not have the freedom to control one’s computer, so Stallman quit working for MIT and began the GNU Project to liberate all computer users from the tyranny of (what would later become known as) non-free software. Bringing GNU into existence required either writing new programs (where no free alternative existed) or finding free replacements to press into service. All of this would have been true if the Unix system were in ROM.

The Fedora project apparently teaches people to endorse the open source philosophy of developmental convenience not the ethical examination one finds in the free software movement. I hope that the Fedora project’s position will change to favor software freedom and the Fedora project’s behavior will change to allow the GNU Project to list Fedora GNU/Linux among its recommended distributions.

China Daily reports that Apple has lost a copyright infringement case in China and told to pay $118,000 for commercially distributing copies of books in their store without permission from the copyright holders.

Judge Feng Gang said Apple should take responsibility since, as a big online downloading platform, it has the duty of checking whether books uploaded by third parties are in line with current laws.

“The writers involved this time include Mai Jia, whose books are often on best-seller lists across the country,” he said. “In this way, Apple has the capability to know the uploaded books on its online store violated the writer’s copyright.”